﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using OAuth2.Provider.IService;
using OAuth2.Framework;
using OAuth2.Framework.Resources;
using OAuth2.Provider.Common;
using Microsoft.Practices.ServiceLocation;

namespace OAuth2.Provider.AuthorizationEndpoint
{
    public class AuthorizationProvider:IAuthorizationProvider
    {
        readonly IServiceFactory ServiceFactory;

        public AuthorizationProvider(IServiceFactory serviceFactory) {
            ServiceFactory = serviceFactory;
        }

        #region IAuthorizationProvider 成员

        public void CreateAuthorizationGrant(IAuthorizationContext context)
        {

            try {
                InspectRequest(context);

                IEnumerable<ContextProcessor<IAuthorizationContext>> processors = ServiceLocator.Current.GetAllInstances<ContextProcessor<IAuthorizationContext>>();

                bool handled =false;

                foreach(ContextProcessor<IAuthorizationContext> processor in processors)
                {
                    if(!processor.IsSatisfiedBy(context)) continue;
                    processor.Process(context);
                    handled=true;break;
                }
                if(!handled) 
                    throw Errors.UnsupportedResponseType(context,context.AuthorizationGrant.ResponseType);

                if(!context.AuthorizationGrant.IsApproved)
                {
                    throw Errors.AccessDenied(context);
                }

            }catch(OAuthErrorResponseException<IAuthorizationContext> ex){
                context.Error = new ErrorResponse { 
                    Error=ex.Error,
                    ErrorDescription=ex.Message,
                    ErrorUri=ex.ErrorUri
                };
            }
        }

        public bool IsAccessApproved(IAuthorizationContext context)
        {
            InspectRequest(context);

           // return ServiceFactory.
            return false;
        }

        #endregion

        #region Private Method

        private void InspectRequest(IAuthorizationContext context) { 
            
        }

        /// <summary>
        /// 检测上下文中是否含有ResourceOwner
        /// </summary>
        /// <param name="context"></param>
        private void AssertResourceOwnerIDIsNotBlank(IAuthorizationContext context)
        {
            if (string.IsNullOrWhiteSpace(context.ResourceOwnerUsername))
            {
                throw new OAuthFatalException(AuthorizationEndPointResources_CN.ResourceOwnerNotIncluded);
            }
        }

        /// <summary>
        /// 检测上下文中是否已经包含了Token
        /// </summary>
        /// <param name="context"></param>
        private void AssertNoAuthorizationToken(IAuthorizationContext context)
        {
            if (context.Token != null)
            {
                throw new OAuthFatalException(AuthorizationEndPointResources_CN.AuthorizationContextContainsToken);
            }
        }

        private void AssertIsClient(IAuthorizationContext context) { 
            
        }

        private void AssertRedirectUriIsValid(IAuthorizationContext context) {
        
        
        }

        #endregion 


    }
}
